Client-side scripting may refer to web-based programs that are executed client-side, such as within a web browser. Since client-side scripts are locally executed within a web browser on a device, as opposed to being executed on a remote server, client-side scripts may be able to quickly respond to user events, such as user interactions. As such, client-side scripts may be well-suited for programs that need to respond quickly to user interactions and that can be executed independent of a server.
For example, web-based games that include graphics that change in response to user interactions, and/or scores that are calculated based on user interactions, may be well suited for a client-side scripting implementation. A client-side script for a web-based game may execute in a web browser, independent of a server. A user may interact with the web-based game and the client-side script may respond to the user interactions and/or maintain a score for the user based on the user interactions. At the completion of the web-based game, the web browser may communicate the final score for the user's interactions with the web-based game to a server, such as through a Hypertext Transfer Protocol (HTTP) request. The score for the user may be stored on the server and/or the score may be communicated to an external system for comparison against other users' scores, such as a leaderboard system, or another score aggregation system.
However, a possible drawback to client-side scripting is that the source code of a client-side script is often accessible to the users, such as through the web browser. As such, a user may be able to access the source code for the client-side script and determine the syntax for making unauthorized function calls within the client-side script, such as to improve the user's score in a web-based game. Similarly, a user may be able to access the source code of the client-side script and determine the syntax for a communication of a final score to the server. In this instance, the user may be able to mimic the syntax of the communication of the final score to the server in order to communicate a score of any value, such as a high score, irrespective of whether the user's interactions with the web-based game actually correlate to the high score. Thus, for any client-side script that communicates a value to a server for user interactions during the execution of the client-side script, such as a score of a web-based game, there is a possibility that the value being communicated to the server has been illicitly modified, and/or tampered with, by the user.